sckmd

- Sun cryptographic key management daemon

Synopsis

/usr/platform/sun4u/lib/sckmd

Description

sckmd is a server process that resides on a high-end system domain
to maintain the Internet Protocol Security (IPsec) Security Associations (SAs) needed to
secure communications between a Service Processor or System Controller (SC) and platform management
software running within a domain. The cvcd(1M) and dcs(1M) daemons use these Security
Associations. See ipsec(7P) for a description of Security Associations.

The sckmd daemon receives SAs from the Service Processor or SC and
installs these SAs in a domain's Security Association Database (SADB) using pf_key(7P).

sckmd starts up at system boot time as an SMF service. The
FMRI for the sckmd service is:

See Also

Notes

The sckmd service is used only on Sun Fire high-end systems and
the SPARC Enterprise Server family. It provides a mechanism for exchanging IPsec
keys between a domain and its System Controller (SC) or Service Processor. These
platforms use IPsec to secure the communications between the SC or Service
Processor and certain platform-specific daemons in the domain. Such daemons currently include
cvcd(1M) and dcs(1M).

The documentation for each platform that supports sckmd describes how to configure
its use of IPsec for such communications. Also, the documentation for each
specific application describes how to configure its security policies and IPsec options in
a manner appropriate for the target platform. Refer to the platform- and
application-specific documentation for detailed information.